flights

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). This skill explicitly pulls live Google Flights data via the third‑party fast-flights package (see SKILL.md "Uses Google Flights data..." and scripts/flights-search where search_flights calls fast_flights.get_flights), and the returned flight fields (departure/arrival/airline/price/stops) are parsed and used to filter, sort, and drive booking-link generation—so untrusted third‑party web content directly influences program decisions.